An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36380 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2021-11-30T18:39:25
Updated: 2021-11-30T18:39:25
Reserved: 2021-02-03T00:00:00
Link: CVE-2021-26612
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-30T19:15:08.873
Modified: 2021-12-01T19:46:46.290
Link: CVE-2021-26612
JSON object: View
Redhat Information
No data.
CWE